172.67.159.126 403 Forbidden 2.4 kB URL User Request GET HTTP/1.1 ix.kingtv.pw/
IP 172.67.159.126:80
File type HTML document text; exported SGML document, ASCII text, with very long lines (1098)
Hash c15ba2ecd68fcb5108d540c0c9324e1f
d5818bac3b40733085729b0811abdeda7cd77e46
36fc3036ce4b89d41a1317cf5f55df4eb916241b5bc9a1bc2e124c51eb4ebbef
NIDS suricata, Severity low, Alert ET INFO HTTP Request to a *.pw domain
GET / HTTP/1.1
Host: ix.kingtv.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Mon, 25 Sep 2023 22:21:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYcgkc1FirZfkheHj9VI205c8HRMJGUQdPebNOCHk7OyzZQV%2FHBbughE6AMpJf52sbFJ1KYGP%2FvjF34oKIGX%2FgFPHUfXxddHz%2BHi2p5zZFzo0GojNV%2Fp5GdYnX7Dy2E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 80c6a8806ebdb4fa-OSL
Content-Encoding: gzip
ix.kingtv.pw/cdn-cgi/styles/main.css
172.67.159.126 200 OK 2.2 kB URL GET HTTP/1.1 ix.kingtv.pw/cdn-cgi/styles/main.css
IP 172.67.159.126:80
File type ASCII text, with very long lines (8012)
Hash ff26f59e28a5fe6ea4ab23586415696b
4182675484d175e363cd34b43041b7b1af93d0cd
d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74
NIDS suricata, Severity low, Alert ET INFO HTTP Request to a *.pw domain
GET /cdn-cgi/styles/main.css HTTP/1.1
Host: ix.kingtv.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ix.kingtv.pw/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 25 Sep 2023 22:21:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Sep 2023 16:02:33 GMT
ETag: W/"6511af19-1f4d"
Server: cloudflare
CF-RAY: 80c6a88408b2b4fa-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 26 Sep 2023 00:21:06 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
ix.kingtv.pw/favicon.ico
172.67.159.126 403 Forbidden 2.0 kB URL GET HTTP/1.1 ix.kingtv.pw/favicon.ico
IP 172.67.159.126:80
File type HTML document text; exported SGML document, ASCII text, with very long lines (501)
Hash 506a47c34114d548779a029b05cc3350
e12d8b70ce4b110eca8c71a5f81e14a05a2c617b
5de124c676ae5cd05593b9a376ec0ae00cdfa9f26610208436b61b0f7b8be478
NIDS suricata, Severity low, Alert ET INFO HTTP Request to a *.pw domain
GET /favicon.ico HTTP/1.1
Host: ix.kingtv.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ix.kingtv.pw/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Mon, 25 Sep 2023 22:21:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUfn4S5RhGYk34NplHQ9UmUDhCERTjvUSk3UhFEbe3wVZS6TvjjH%2Ffqk4uCG9mDOEMAPWJn1cmDfv1pvrNFR2wuRISdWC8gVLScASA5mDsYwCA5oLducKzYUXHMejHE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 80c6a884d925b4fa-OSL
Content-Encoding: gzip
ix.kingtv.pw/cdn-cgi/challenge-platform/scripts/jsd/main.js
172.67.159.126 302 Found 20 B URL GET HTTP/1.1 ix.kingtv.pw/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP 172.67.159.126:80
File type gzip compressed data, max speed; data
Hash 6a6322412c601e234563f3494141f234
5775250783667cd33138122c7bcf854a3409ce40
458c5a203299dd326aa747fee1bbc7709bfbd560507d1603459d9f7d9eb6be76
NIDS suricata, Severity low, Alert ET INFO HTTP Request to a *.pw domain
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: ix.kingtv.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Mon, 25 Sep 2023 22:21:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=300, public
access-control-allow-origin: *
content-encoding: gzip
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FvNCT8KUxmWhpmnBZdp1wpzlTM1Tnau8fHM5gz2grpiLKoiVazgrYBg1CsHYx3ca6YhIEt5i1Nk0l6g11Urs0PZNJRtkgKNo4qnl7%2F1e2I4Uc22DgWG23TAR5Y9Fr4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80c6a884e930b4fa-OSL
ix.kingtv.pw/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
172.67.159.126 200 OK 3.6 kB URL GET HTTP/1.1 ix.kingtv.pw/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
IP 172.67.159.126:80
File type ASCII text, with very long lines (7388), with no line terminators
Hash c9086b799d72f86c3c8c35d9a94f806f
71afa5e0cc5cdfea39e667510cb22803e35ed852
932b50525f6cbabeea9cbd3191189708bfee80e45437dfec24fe6a5fd01a6ba9
NIDS suricata, Severity low, Alert ET INFO HTTP Request to a *.pw domain
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js HTTP/1.1
Host: ix.kingtv.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 25 Sep 2023 22:21:06 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZafETstYaIAO1WKLLiD%2BQdJA5OB754lJspCc2DgAHbzeQBpephdj4U57dXNEgaltOYNY6R15U3on%2FUlE8PBkLoIIZsKpxPEg6P1BpS1lyISVoEsUAYzQ52DZ0y26eDg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80c6a8850945b4fa-OSL
ix.kingtv.pw/cdn-cgi/challenge-platform/h/g/jsd/r/80c6a8806ebdb4fa
172.67.159.126 200 OK 20 B URL POST HTTP/1.1 ix.kingtv.pw/cdn-cgi/challenge-platform/h/g/jsd/r/80c6a8806ebdb4fa
IP 172.67.159.126:80
File type gzip compressed data, from Unix; data
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /cdn-cgi/challenge-platform/h/g/jsd/r/80c6a8806ebdb4fa HTTP/1.1
Host: ix.kingtv.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 11594
Origin: http://ix.kingtv.pw
DNT: 1
Connection: keep-alive
Referer: http://ix.kingtv.pw/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 25 Sep 2023 22:21:06 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=Y5_YEb.ZYDz5b2f9Q.koFysaBbg65ZxhRWRuiePY3qk-1695680466-0-1-32b3bbaf.6b0d8b6b.3eb1b0e5-0.2.1695680466; path=/; expires=Tue, 24-Sep-24 22:21:06 GMT; domain=.kingtv.pw; HttpOnly; SameSite=None
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0wX0UpWDXQtJqmuKdkR2kZM0dhtsRrS%2FF2GO6XOpAe5E6PvLDhHnT46siQxaZ7SaoPRCWDL8lLhJ2nIZa3t6TFP3hqp7y0Za5IJm3pFrS6tZ3ujFnM%2FA2w4ebn2TBQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80c6a88639f1b4fa-OSL
Content-Encoding: gzip
performance.radar.cloudflare.com/beacon.js
104.18.31.78 200 OK 9.1 kB URL GET HTTP/2 performance.radar.cloudflare.com/beacon.js
IP 104.18.31.78:443
Certificate Issuer: Cloudflare, Inc.
Subject: radar.cloudflare.com
Fingerprint: EA:39:08:32:55:56:78:80:C7:B3:4A:AA:60:90:9C:BB:AE:11:E7:97
Validity: Wed, 21 Jun 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (9485), with no line terminators
Hash 1793d7e5adaafbedb7a012304e2e7089
4ef8ac7bc1490e9e6763ead3fb0a94dcb33bc5f2
884fda4aff05e7bc4f3b3d614a06b1f4fb225f38eeaf63aeed85da10c3600fae
GET /beacon.js HTTP/1.1
Host: performance.radar.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 25 Sep 2023 22:21:06 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0
access-control-allow-headers: *
access-control-allow-methods: *
referrer-policy: no-referrer
timing-allow-origin: *
set-cookie: __cf_bm=YxUytExXzMvlR10G9CRwHKkcwwcCuEms5Go1LPmlrAk-1695680466-0-AVE5D5/sOJa1JxDvJ7Sqg/1VLjvrrEA/B5hClM6inAcMBgHkueuAGVeU7RUKg4MvUxBOBU8Dmzf0tCiRyrhSqmM=; path=/; expires=Mon, 25-Sep-23 22:51:06 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 80c6a88439fa0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2